PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

Actions to take today to mitigate Volt Typhoon activity: 1. Apply patches for internet-facing systems. Prioritize patching critical vulnerabilities in appliances known to be frequently exploited by Volt Typhoon. 2. Implement phishing-resistant MFA. 3. Ensure logging is turned on for application,...

The vulnerability of the SAP NetWeaver file server allows a malicious attacker to gain unauthorized access to the SUP CUA subsystem.

The SAP NetWeaver application contains an error that allows a malicious individual to remotely gain access to the SAP CUA child system and read any tables from the central SAP CUA system...